If you do not want to type in a password every time you log in into a machine an ssh key can be used as an alternative identification method. Such a key must still be protected by a password to prevent other people from using it, but a key manager can be used to prevent you from typing in this password multiple times.
In order to create an ssh key the following command must be run:
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
This command can be run from a Linux terminal, an OS X terminal, or within MobaXterm, and it has to be run on your local machine (i.e. not on Hábrók!).
After you have executed the command you will be presented with the following dialog:
Generating public/private ed25519 key pair.
The default location (~/.ssh/id_ed25519) should normally be fine. You will be asked for the passprhase. You have to give it twice to prevent typing mistakes.
Enter passphrase (empty for no passphrase): Enter same passphrase again:
Now the key will be generated.
Your identification has been saved in ~/.ssh/id_ed25519 Your public key has been saved in ~/.ssh/id_25519.pub The key fingerprint is: SHA256:w2HD3c+ax12jfOfr518emhTT42216RURnEbJbbIDxnQ yourname@yoursystem The key's randomart image is: +--[ED25519 256]--+ | o. Eo+| | . . .+..*+| | = .....= | | o o o+ .| | S oo*o| | . .+=.X| | o+o*B| | ..=+*| | o.=O| +----[SHA256]-----+
In order to use the key for logging in into Hábrók the public part of the key has to be copied to the list of authorized keys in your Hábrók account. This can be achieved in the following way.
Copy the public key to Hábrók using scp:
scp .ssh/id_ed25519.pub p12345@login1.hb.hpc.rug.nl:desktop_key.pub
Note that you have to adjust your username. You will be asked for your password, after which the file will be copied.
p12345@habrok.hpc.rug.nl's password: Restoring modules to user's default id_ed25519.pub 100% 396 0.4KB/s 00:00
The contents of this file has to be added to a file called authorized_keys
in a directory named .ssh
in your home directory. You have to create the directory .ssh
if it is not there yet. On Hábrók the following actions have to be taken.
mkdir .ssh
chmod go-rwx .ssh
desktop_key.pub
) to the file authorized_keyscat desktop_key.pub >> .ssh/authorized_keys
authorized_keys
chmod go-w .ssh/authorized_keys
After setting this up in the way described you should be able to log in without having to enter a password multiple times. The key manager should ask for your key password only once.
For this to work correctly in MobaXterm the use private key
option must be enabled. By default it will use the correct location of the id_ed25519 file.
You can find this option by left clicking on your session, choose Edit session
, then select SSH
and finally Advanced SSH settings
: